SCIENTIFIC-LINUX-DEVEL Archives

August 2008

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

Subject:
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Fri, 22 Aug 2008 10:13:26 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (42 lines)

Stephan Wiesand wrote:
> On Fri, 22 Aug 2008, Jan Iven wrote:
> 
>> On 08/22/2008 02:57 PM, Stephan Wiesand wrote:
>>> Hi Connie & Troy,
>>>
>>> RHSA-2008-0855 scares me.
>>>
>>> There's not much information in that advisory, but it sounds like
>>> someone signed trojaned ssh packages with TUV's key.
>> (Red Hat claims that these never made it through RHN to customer
>> machines, so that only some unspecified other channels would be affected).
> 
> Well, they make no claims regarding their public ftp Server, do they?
> 
>>> Could you please verify that the SRPMS you built from had not been
>>> tampered with, and let us know?
>> Red Hat only mentions some binary RPMs as being affected, given that SL
>> recompiles everything I hope we are largely safe. Nevertheless, they've
>> released updates for all platforms.
> 
> I must have missed the "binary" part. And from the check script:
> 
>    # Alternatively, the script can be passed a list of RPM filenames:
>    #
>    #     $ bash ./openssh-blacklist-1.0.sh some.i386.rpm other.src.rpm
> 
> I don't think it's very likely that SL is in trouble. But let's make sure.
> Unfortunately, I can't find the SL4/5 SRPMS on my SL mirror, hence the
> request.
> 

I have rsynced the openssh src.rpm's up, so they are in the rolling area now.
But I am currently downloading and recompiling their updated openssh right now.
It will be in the Release Candidate 1 that is going to be released today.
Troy
-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
